Forgot your password?
typodupeerror
It's funny.  Laugh. Security News

San Francisco DA Discloses City's Passwords 333

Posted by Soulskill
from the you-sure-showed-him dept.
snydeq writes "The office of San Francisco District Attorney Kamala Harris has made public close to 150 usernames and passwords used by various departments to connect to the city's VPN. The passwords were filed this week as Exhibit A in a court document arguing against a reduction in $5 million bail in the case against Terry Childs. Though they placed the passwords in the public record, city prosecutors do seem to think that they are sensitive. InfoWorld's Paul Venezia, who has been following the case closely, provides further analysis of the technical details in the city's case. 'By themselves, [the passwords] would not be enough to allow anyone to access the network via VPN,' Venezia writes, 'but the fact that the city entered them into evidence is quite shocking. At the very least, they'll have to shut down their VPN access for awhile until they've changed them all and modified the configurations of some large number of VPN clients.'"
This discussion has been archived. No new comments can be posted.

San Francisco DA Discloses City's Passwords

Comments Filter:
  • Ah HA! (Score:5, Insightful)

    by clang_jangle (975789) * on Friday July 25, 2008 @06:59PM (#24343005) Journal
    AH HA! See, Childs was right , he is the only competent one!
    • Re:Ah HA! (Score:5, Interesting)

      by WK2 (1072560) on Friday July 25, 2008 @07:09PM (#24343129) Homepage

      Why did the DA even have access to these passwords? Why were they not in hash form? Did Child's have anything to do with that part?

      • Re:Ah HA! (Score:5, Insightful)

        by GameboyRMH (1153867) <gameboyrmhNO@SPAMgmail.com> on Friday July 25, 2008 @07:23PM (#24343347) Journal

        My first thought. Whenever a password is stored in a form that it could be retrieved (rather than only reset), the users should be notified beforehand, otherwise it's just unethical IMO...not to mention the security issues.

      • RTFA (Score:5, Informative)

        by Estanislao Martínez (203477) on Friday July 25, 2008 @07:51PM (#24343675) Homepage

        Why did the DA even have access to these passwords? Why were they not in hash form? Did Child's have anything to do with that part?

        From the article:

        The passwords, discovered on Childs' computer, pose an "imminent threat" to the city's computer network, according to the court filing. Childs could use the names and passwords to "impersonate any of the legitimate users in the City by using their password to gain access to the system," the motion against the bail reduction states.

        So, in answer to your questions: probably because the police found them as a result of their investigation, because Childs allegedly kept them in plaintext, and yes, allegedly, Childs had plenty to do with it.

        Do you have any other questions? Perhaps the article answers them.

        • Re: (Score:3, Insightful)

          by GaryOlson (737642)

          Do you have any other questions?

          Why are these introduced in a bail hearing? Is he going to sell them to buy a plane ticket to a non-extradition country? Could he use a network access password to arrange travel as a third party and avoid prosecution?

          These login/passwords were found on his office computer. How the hell do you think he is going to access this computer even if he is free on bail? Something tells me he will have a very hard time obtaining this data.

          • Re:RTFA (Score:5, Insightful)

            by Anonymous Psychopath (18031) on Friday July 25, 2008 @09:03PM (#24344295) Homepage
            They aren't worried about releasing him on bail with what they know Child's knows. They are worried about what they don't know that he knows. Perhaps the copy of the password file found on his office PC is not the only copy? How could you know that he doesn't have it on a USB key in a safe deposit box or something along those lines. I wouldn't want him where I couldn't keep an eye on him until everything he had access to (and probably everything I didn't think he had access to) had undergone a complete audit.
            • Re:RTFA (Score:4, Insightful)

              by forand (530402) on Friday July 25, 2008 @10:56PM (#24345097) Homepage
              See the problem with what you are saying is that you are assuming he is guilty. While that may seem obvious to you and I, that is not, nor should be, how the court views things. His bail is obviously being set because of fears he could do more instead of fears he will flee his prosecution which is the intent. If they fear he may commit more crimes they should place him in prison without bail and state as much. As it is they are just playing with the law to get what they want without asking for it directly.
            • DA is retarded (Score:4, Insightful)

              by jackspenn (682188) on Saturday July 26, 2008 @02:51AM (#24346185)
              Well since the Constitution grants him the right of discovery, if that was the only copy, all Childs has to do is file a motion to see the evidence against him to obtain those usernames and passwords, plus because they were entered into a court record, if he or a friend were to launch an attack or whatever, he would have reasonable doubt given that any court clerk, judge, DA, case officer, police officer, citizen/group/reporter filing open record request, etc. can now see it. Better still if the system were hacked while he was in jail he could use it as defense saying "Hey, when I was running things the network remained secure, but as soon as I was removed it was compromised so how can the DA suggest to the jury that I was somehow putting the network at undo risk? The facts suggest otherwise. Just imagine how cool it would be to read on /. that this happened? Hum?

              Honestly the more I read about this the worse SF managers and the DA look. How dumb are they, I mean they are disproving their own case, if I were Childs' lawyer, I would ask this question to the DA in front of the jury "Just so I get this straight, because I am a simple man, you are telling us that this information was so confidential and put the city at so much risk that you publicized it yourself the same day that you made a statement about the dangers of Childs potentially releasing the information? Did you make sure the passwords and usernames were changed before doing so? Isn't it possible that the usernames alone being published could create a target point for hackers to work from? Allowing them to launch either DOS attacks if lockouts are set on thes accounts or to continually work on cracking passwords if no lockout is set? Do you even have the technical knowledge to understand the details of this case without you yourself putting the city at risk like you 'allege' my client has? If Childs put the city at risk by having it on his computer and deserves jail time, what punishment should you get for filing it into the court records? Didn't security concerns worry you? Where is the confirmation the passwords were updated or the account deactivated before you entered sensitive information with the court?"

              This is out of a comic stripe, SF is run by idiots. Childs is not the problem it is those that let him control everything so long as he did their work for them. Those are the people who should be on trial. It is a retarded DA that is 1). Putting city systems are risk for a prosecution and 2). Given the defense more ammunition.
          • Re: (Score:3, Interesting)

            maybe it's a bluff. Now that they've put them in the public record, they can go to the judge and say "we KNOW he has access to this username\password list, because we just made it available to him, so you can't let him out incase he uses it to damage the network". Which would be very slimy indeed, but then they're lawyers, slimey is their modus operandi.
            On another note, isn't the POINT of the 8th amendment to stop bail deliberately set so high that the person being held cannot hope to post it? (which seems

            • Re: (Score:3, Informative)

              by TubeSteak (669689)

              On another note, isn't the POINT of the 8th amendment to stop bail deliberately set so high that the person being held cannot hope to post it? (which seems to be what the DA here wants)

              Bail is considered excessive in relation to the crime alleged, not to the means of the defendant, even though the means of the defendant is considered when setting bail.

              In other words, your inability to afford bail is not one of the defining characteristics of "excessive bail".

        • Re:RTFA (Score:5, Interesting)

          by masdog (794316) <masdog&gmail,com> on Friday July 25, 2008 @09:26PM (#24344465)

          Do they even know what those "usernames" and "passwords" are for? Did they check any documentation or did they just assume that the list was a list of individual users and passwords that Childs could use to wreck havoc?

          After reading the article, it seems like the list consists of Cisco VPN group names and pre-shared keys, not usernames and passwords. To someone who isn't familiar with the technology, it would look like a username and password, and I'm sure they are counting on the technological ignorance of the Judge and the general public to keep up this charade.

          It will be interesting when this thing finally goes to trial. The city is probably going to end up eating its words.

      • by Hanzie (16075) * on Friday July 25, 2008 @07:59PM (#24343759)
        from TFA --

        The username/password combos were apparently functioning sets. The DA is saying they found them on Child's own computer. The DA is all in a tizzy because Child's could then use these accounts to sneak into the system and cause mischief without getting tracked back.

        Right. The only guy in the world with God level access to this network needs fake usernames/passwords so he can 'cause mischief'?

        Give me a fucking break. I can think of many reasons for him to have those combos on his personal system.

        1. He's checking to see what naughtiness has already happened with those accounts
        2. He's got accounts so he can log in with a lower level of access and see what's accessible
        3. These are usernames/password combos that he sniffed off the network, during routine security testing.
        4. These are people with accounts that have had some kind of trouble, and he's got them so he can attempt to diagnose problems linked to user level access.
        5. It's a list of post-it pad's he's seen while walking around at work, and he'd been planning to inform the users to change their passwords.
        6. They're the output list of a password security checker.

        Apparently the less than brilliant DA's office is unaware that the GOD level admin has the ability to do anything at all on the network and REMOVE ALL TRACES IN THE LOGS afterwards. It's trivial, when you're the one who runs the tattletales.

        Dear DA office: IF YOU LOOK HARD YOU'LL UNDOUBTEDLY FIND EVIDENCE TRACY EAVESDROPPING ON THE NETWORK SNIFFING AND ATTEMPTING TO ILLEGALLY PENETRATE THE SYSTEM. IT'S PART OF HIS JOB, MORONS. IF YOU KEEP BRINGING THIS CRAP UP, YOU'LL ONLY LOOK STUPIDER.

        Keep this up, and Nifong will have company in the 'worlds dumbest DA's club'

        • by Anonymous Psychopath (18031) on Friday July 25, 2008 @09:18PM (#24344403) Homepage

          from TFA --

          The username/password combos were apparently functioning sets. The DA is saying they found them on Child's own computer. The DA is all in a tizzy because Child's could then use these accounts to sneak into the system and cause mischief without getting tracked back.

          Right. The only guy in the world with God level access to this network needs fake usernames/passwords so he can 'cause mischief'?

          Give me a fucking break. I can think of many reasons for him to have those combos on his personal system.

          1. He's checking to see what naughtiness has already happened with those accounts

          They should have (but maybe do not) procedures for suspicious accounts. If they don't Childs should have created and documented one.

          He's got accounts so he can log in with a lower level of access and see what's accessible

          More reasonable, but 150 of them? That doesn't seem plausible.

          These are usernames/password combos that he sniffed off the network, during routine security testing.

          Possibly, but why did he need to keep a copy of the password file? If his goal was to uncover security vulnerabilities, it isn't necessary to keep the credentials uncovered.

          These are people with accounts that have had some kind of trouble, and he's got them so he can attempt to diagnose problems linked to user level access.

          It is not standard nor best practice to ask a user for their password, ever. If you need to access their account, you use admin privs to change their password, do whatever needs to be done, then ask the user to change it themselves when you no longer need access to their account.

          It's a list of post-it pad's he's seen while walking around at work, and he'd been planning to inform the users to change their passwords.

          You need the user's name for that. Not their login ID and password. Also, the number of passwords in the file makes this implausible.

          They're the output list of a password security checker.

          I think this one is redundant. While it is best practice to examine the security of your own network, it is not common nor reasonable to keep an archive of usernames/passwords uncovered.

          Apparently the less than brilliant DA's office is unaware that the GOD level admin has the ability to do anything at all on the network and REMOVE ALL TRACES IN THE LOGS afterwards. It's trivial, when you're the one who runs the tattletales.

          Dear DA office: IF YOU LOOK HARD YOU'LL UNDOUBTEDLY FIND EVIDENCE TRACY EAVESDROPPING ON THE NETWORK SNIFFING AND ATTEMPTING TO ILLEGALLY PENETRATE THE SYSTEM. IT'S PART OF HIS JOB, MORONS. IF YOU KEEP BRINGING THIS CRAP UP, YOU'LL ONLY LOOK STUPIDER.

          Keep this up, and Nifong will have company in the 'worlds dumbest DA's club'

          I think you should examine the well-documented, published, and logical security & administration best practices. Keeping a password list on a PC is a great way to compromise your network. If it turns out that these are, indeed, valid user security credentials, Childs doesn't appear to know the first thing about information security.

          • by dreamchaser (49529) on Friday July 25, 2008 @09:46PM (#24344623) Homepage Journal

            It is not standard nor best practice to ask a user for their password, ever. If you need to access their account, you use admin privs to change their password, do whatever needs to be done, then ask the user to change it themselves when you no longer need access to their account.

            Actually that IS standard practice...but for desktop techs, not admins. I often have to admonish people for this, but it's quite a common practice to get the user's password so as to facilitate service. It certainly isn't a best practice, but it's a common one and in most cases it inconveniences the user far less.

          • They released ALL damn passwords in a public record.
            Anyone (who already has physical access to this network), which could be quite many people, could have various degree of access to the network.
            I'm sure hackers who already got a way to the network perimeter would like these passwords too.
            The ensuing chaos will prove he was right, sadly they will make him the scapegoat for it too, none will see (or admit) Childs was right.

        • by loraksus (171574) on Friday July 25, 2008 @10:23PM (#24344891) Homepage

          7. Cisco PCF files w/ the group names, etc, filled in.

          That's probably what this is, and the increasingly desperate prosecutor is trying to find things that can be used to dazzle the jury.

    • Dang! (Score:5, Insightful)

      by Ungrounded Lightning (62228) on Friday July 25, 2008 @07:10PM (#24343147) Journal

      AH HA! See, Childs was right , he is the only competent one!

      Dang! You beat me to posting about it.

      Wasn't part of Childs' point that password security in the S.F. government was lax and that divulging the big one in a way that would spread it around was dangerous to the network?

      Given that the configurations on the routers weren't saved, the first guy to use that password on them had better be DARNED careful to get them recorded before changing anything or he's likely to break the network big time. So handing it to an administrator, who will hand it to several people, any of whom might leak it, could cause the net to come crashing down.

      If all they'll let him do for a handoff is hand off the passwords, I can see how a prima donna BOFH would want to hand the big one directly to his successor, who would then spend the next week carefully recording the configs as-running before making changes or sharing the password with less-skilled delegates.

      Not that it's right. But looks to me like the city is making his point for him - which his lawyer should use in a counter-argument at the bail hearing. B-)

      • Given that the configurations on the routers weren't saved,

        Huh, wuh? Where did you get that from? All I read was that they were not written to flash on the router. That doesn't mean they weren't written to an encrypted file on a tftp server (and can be written out again with admin privs). Bollox up the router? Reboot it and you are back to normal.

        Now I haven't seen explicit confirmation that the configs were tftp'able, but unless Childs is some sort of rainman of router configurations there is no way that even he could have managed more than a small handful of

    • Re:Ah HA! (Score:4, Interesting)

      by kesuki (321456) on Friday July 25, 2008 @07:11PM (#24343153) Journal

      "AH HA! See, Childs was right , he is the only competent one!"

      from TFA: 'Some of the passwords would benefit from a change because they are identical to the VPN log-in name or extremely easy to guess.'

      wow, bad passwords, no wonder the guy was worried, using dictionary words is like not having a password as far as hackers are concerned, same deal with identical user/pass combos. i realize they use a encrypted key along with the password, but still...

      • Re:Ah HA! (Score:5, Insightful)

        by Volante3192 (953645) on Friday July 25, 2008 @07:17PM (#24343243)

        Bad IT policy, or bad users? IT is sadly not as much a dictatorship as we'd like. If enough users whine, it ends up being policy that passwords get lax. These users "are too important to have to come up with complex passwords incorporating at least 3 different character types in 8 or more characters"

        Make password policies too complex, users just write them down. Frying pan, fire...welcome to IT.

        • by kesuki (321456)

          you should teach users to write down hints that aren't the actual password, but allow them to remember what the password is.

          besides, writing down passwords is only bad if you don't protect who can read the paper properly.

        • Re: (Score:3, Insightful)

          by johannesg (664142)

          Bad IT policy, or bad users? IT is sadly not as much a dictatorship as we'd like. If enough users whine, it ends up being policy that passwords get lax. These users "are too important to have to come up with complex passwords incorporating at least 3 different character types in 8 or more characters"

          Make password policies too complex, users just write them down. Frying pan, fire...welcome to IT.

          Of course! Take my PC at work: I am required to use a different password every six months, and it has to be long and contain three different character types. And after ten minutes of inactivity, my PC automatically locks the screen. Great security, right?

          Except... Outsiders cannot physically get into the office, and the PC cannot be reached from the internet, so the only potential source of hackers are my colleagues. And since all data is kept on network disks anyway, and since those are accessible to every

    • Re:Ah HA! (Score:5, Interesting)

      by Hanzie (16075) * on Friday July 25, 2008 @07:21PM (#24343313)
      Hey guys,

      If you have any other opinions you'd really like entered into the public record, have at it. I'd say there's a very good chance that this discussion will be entered as evidence by the defense.:)

      If anyone is counting, add my vote for the VPN passwords' disclosure being hard evidence that the IT admin was perfectly correct.

      That and the fact that the SF network stayed up while the world's hackers KNEW that the network was completely unsupervised.

      Frankly, if I were looking to hire somebody, I'd be chipping into this guy's defense fund. Speaking as a real-world IT manager, I'd say this guys judgement is spot on, and his admin skills are amazing.

      In my own humble opinion, then SF DA's office is full of idiots.

      hanzie.

    • Re:Ah HA! (Score:5, Insightful)

      by _Sprocket_ (42527) on Friday July 25, 2008 @07:22PM (#24343337)

      Childs' defense attorney has got to be happy about this.

      "Your Honor.. I would like to direct the Court's attention to Exhibit A; the mere existence of which proves our case..."

  • by 99luftballon (838486) on Friday July 25, 2008 @07:01PM (#24343019)
    If this is the level of fuckwittage he had to deal with while in his job I'm not surprised he locked others out.
    • by ScrewMaster (602015) on Friday July 25, 2008 @07:13PM (#24343197)
      Yeah. It must've been a tough call, though, because he didn't really have the authority to do that, but on the other hand, if he hadn't, the buffoons running that department would caused the city even more grief.

      Sounds more like he should have gotten a reward or a medal or something. It's funny, but this is a case of a citizen protecting a government from itself, not the other way around.
    • by LaskoVortex (1153471) on Friday July 25, 2008 @07:59PM (#24343763)

      If this is the level of fuckwittage he had to deal with while in his job I'm not surprised he locked others out.

      As you are well aware, bureaucracy is ruled mostly by idiots. They are put into places of power with the bureaucracy for precisely this reason. Their idiocy makes them less threatening. Once arriving there, being idiots, they are suspicious of anyone smarter. They especially do not like their own idiocy shoved in their face with the constant superior intellect of those who may happen to come along. Now these idiots can do stupid things, like enter passwords into public record or fire talented sys admins, but they will not get in trouble. Why? Because its better to do the wrong thing because you are stupid than it is to do the right thing that some idiot made against the rules one time.

      • Re: (Score:3, Insightful)

        >>bureaucracy is ruled mostly by idiots

        There is a common saying wrt management/bureaucracy/gov't jobs:

        "In a Hierarchy Every Employee Tends to Rise to His Level of Incompetence"

        And the corollary:

        "In time, every post tends to be occupied by an employee who is incompetent to carry out his duties; work is accomplished by those employees who have not yet reached their level of incompetence"

        This is known as the Peter Principle. It is a deviously simple concept with far-ranging consequences: Every employee w

  • Then the users will change them right back to what they were.

    Where I used to work, you had to change your password every month. After you changed it three times, you could it back to the original.

    So people just changed their password 4 times.

    • by Jane Q. Public (1010737) on Friday July 25, 2008 @07:14PM (#24343219)
      I attended a lecture some years ago by a Microsoft employee who was high up in their security structure.

      He started his speech by asking the audience, "Passwords and policies should be made as strong and secure as possible, right?"

      A show of many hands.

      He said, "Wrong! It is possible for a password policy to be TOO secure. Let me give you an example. It is possible to set up a security policy in NT that requires a password of at least 8 characters, which must also be mixed case, have at least one numerical digit, and at least one non-alphanumeric character, and which will require a change of password every week."

      "As soon as you implement that policy, users will write their password on a post-it note, stick it to their monitor, and replace it with a new one every week. So you see, a password policy CAN be too secure for your own good."
      • ... to help you weed out useful comments dammit.
      • > As soon as you implement that policy, users will write their password on a post-it note,
        > stick it to their monitor, and replace it with a new one every week.

        Which, for some threat models, can be an entirely reasonable thing to do.

      • Re: (Score:3, Funny)

        I attended a lecture some years ago by a Microsoft employee who was high up in their security structure.

        [...]

        "Wrong! It is possible for a password policy to be TOO secure. Let me give you an example. It is possible to set up a security policy in NT that requires a password of at least 8 characters, which must also be mixed case, have at least one numerical digit, and at least one non-alphanumeric character, and which will require a change of password every week."

        "As soon as you implement that policy, users will write their password on a post-it note, stick it to their monitor, and replace it with a new one every week. So you see, a password policy CAN be too secure for your own good."

        This, by the way, *IS* the policy used internally at Microsoft.

      • Re: (Score:3, Interesting)

        by LaminatorX (410794)

        For a client database too which I am the sole admin, I change my password on a monthly basis in a sequence based on the product of two formulas.

        The formulas are in two places, my head and a sealed envelope in the company safe. I realize someone could crack the maths if they had enough old passwords and time, but if I get hit by a car tomorrow, my boss could unseal the envelope and calculate this months password.

    • by clang_jangle (975789) * on Friday July 25, 2008 @07:24PM (#24343367) Journal
      I used to work in an office which was a complete free-for-all. Once I had some code I needed to test on a Windows machine (mine was Linux), and I saw that (let's call him) "John", who had a Windows box was away from his desk. Just on a hunch, I sat down and typed his username, and entered "password" for the password (literally). Poof, I was in! So I did my little test thing and was about to log off, when "John" appeared, smiling. He said, "Oh thank God you got my login, I've been locked out of the system all day because I can't remember my password! What is it?" It was perhaps the only time in my life I actually knew what it meant to "be at a loss for words"
  • by seanadams.com (463190) * on Friday July 25, 2008 @07:03PM (#24343045) Homepage

    I had my doubts at first, but this makes it abundantly clear that Childs was right . More right than any of us might have imagined when this spin-doctored story first came out.

    In hindsight he took totally reasonable, prudent measures to protect incompetent city officials from themselves. Who knows how they got into that situation, but I won't blame him for anything in light of this, and I sincerely hope a jury wouldn't either.

    He should first collect damages himself, and then initiate a class action suit against the city on behalf of all their residents. Maybe put the DA in jail for criminal negligence - in fact I'd venture a guess that he's mentally defective enough to file the charges himself.

    • he's mentally defective enough

      er.. make that "she"

    • Re: (Score:3, Insightful)

      by loraksus (171574)

      The problem is the jury will be filled with people who are clueless about computers, as the DA will remove anyone who has even the slightest knowledge of network security.

      Not really "jury of your peers", but everyone unofficially agrees juries composed of dumbasses make trials nice and quick. Anyways...

      As for Kamela's dumbass move? Prosecutors in the USA enjoy virtual immunity, even something as stupid as she did won't result in any repercussions - at least in the court systems - once script kiddies get a h

  • by ActionDesignStudios (877390) on Friday July 25, 2008 @07:06PM (#24343079)
    Does anyone have a torrent of these alleged usernames and passwords?
    • Re: (Score:3, Interesting)

      by BUL2294 (1081735)
      Now, how long until scan of the username/password document shows up on the court's website as a form of public disclosure??? It wouldn't surprise me if the moronic DA forgot to ask for the exhibit to be sealed...
    • Re: (Score:2, Offtopic)

      by Zymergy (803632) *
      I bet a fat box of PrOn one of the passwords is "12345"...
  • ... that Childs made the right decision after all. The prosecution is making his case for him!
  • top 5 list (Score:3, Funny)

    by Anonymous Coward on Friday July 25, 2008 @07:10PM (#24343139)

    The top 5:

    password
    admin
    root
    guest
    t3rrych1lds1337haxx0r

  • by pembo13 (770295) on Friday July 25, 2008 @07:10PM (#24343149) Homepage
    Even if the sysadmin referred to as 'Childs' was a paranoid schizophrenic, does not mean he wasn't right.
  • by peterofoz (1038508) on Friday July 25, 2008 @07:11PM (#24343155) Homepage Journal
    So who will be the first to print up and sell t-shirts to support Terry Childs? Perhaps they can also print the SF VPN usernames and passwords on the back. Design suggestions welcome.
    • Re: (Score:2, Insightful)

      Huh? What? It's not his network. He's not some kind of hero. Yeah, there are other idiots in the world, but seriously, anyone seeing Childs as some kind of champion of security is sadly, sorely mistaken.
      • by kv9 (697238) on Friday July 25, 2008 @07:37PM (#24343543) Homepage

        Huh? What? It's not his network. He's not some kind of hero. Yeah, there are other idiots in the world, but seriously, anyone seeing Childs as some kind of champion of security is sadly, sorely mistaken.

        what more proof do you need? this action demonstrates he was right. it's not "his" network but I'm pretty sure he was in charge of its security. he tried to keep it secure, for what are now obvious reasons, and he got thrown in jail for it.

      • Are you familiar with the ACM code of ethics [acm.org]? Section 1.2, Verbatim:

        1.2 Avoid harm to others.

        "Harm" means injury or negative consequences, such as undesirable loss of information, loss of property, property damage, or unwanted environmental impacts. This principle prohibits use of computing technology in ways that result in harm to any of the following: users, the general public, employees, employers. Harmful actions include intentional destruction or modification of files and programs leading to serious loss of resources or unnecessary expenditure of human resources such as the time and effort required to purge systems of "computer viruses."

        Well-intended actions, including those that accomplish assigned duties, may lead to harm unexpectedly. In such an event the responsible person or persons are obligated to undo or mitigate the negative consequences as much as possible. One way to avoid unintentional harm is to carefully consider potential impacts on all those affected by decisions made during design and implementation.

        To minimize the possibility of indirectly harming others, computing professionals must minimize malfunctions by following generally accepted standards for system design and testing. Furthermore, it is often necessary to assess the social consequences of systems to project the likelihood of any serious harm to others. If system features are misrepresented to users, coworkers, or supervisors, the individual computing professional is responsible for any resulting injury.

        In the work environment the computing professional has the additional obligation to report any signs of system dangers that might result in serious personal or social damage. If one's superiors do not act to curtail or mitigate such dangers, it may be necessary to "blow the whistle" to help correct the problem or reduce the risk. However, capricious or misguided reporting of violations can, itself, be harmful. Before reporting violations, all relevant aspects of the incident must be thoroughly assessed. In particular, the assessment of risk and responsibility must be credible. It is suggested that advice be sought from other computing professionals. See principle 2.5 regarding thorough evaluations.

      • Re: (Score:3, Insightful)

        by LaskoVortex (1153471)

        Huh? What? It's not his network. He's not some kind of hero. Yeah, there are other idiots in the world, but seriously, anyone seeing Childs as some kind of champion of security is sadly, sorely mistaken.

        Way to back that up with cold hard reasoning. Oh wait, you didn't. On second look, I can see that you just spewed an emotional appeal meant to make you look righteous and perhaps glean some karma from the deal. Here, let me give a counter-argument with the same level of "insight" (and with exclamation points and the obligatory "Period." ending to boot):

        Chids is a champion of security! Anyone who thinks otherwise is sorely mistaken! He was trying to help because of all the idiots he is dealing with. Period.

  • I can see that there is a bright future in the cluestick market...

  • Password sniffing (Score:2, Interesting)

    by FlyingBishop (1293238)
    They seem to be operating under the assumption that Childs was sniffing passwords. Which judging from the case is just stupid. Why would anyone sniff passwords that they had absolute control of? He was sniffing unencrypted messages over the network. Even sans the unrestricted power over the network, I can't imagine Childs has any use for those passwords. Or anyone else for that matter.
    • Re: (Score:3, Informative)

      by Opportunist (166417)

      Accusing an administrator of password sniffing is usually pretty dumb, unless you're dumb enough to use the same password internally and for private, external applications. A top level admin has access to all your files if he wants to, without your password. Because (drumroll) he can simply log in as administrator with the according privileges. I.e. ALL privileges to view ALL files and do with them what he pleases. At least technically, legally you can have his hide, depending on contract.

      I spent a few year

  • by cez (539085)
    Well...declining to comment on the matter...

    Erica Derryck, a spokeswoman for the DA's office, declined to comment on the matter. The mayor's office, which supervises DTIS, did not return messages seeking comment for this story

    To change the passwords, the city will have to reconfigure the VPN software running on every PC that connects remotely, which it has not yet done, the source said.

    Because noone knows wtf they are talking about? Certainly the issue can be contained immediately by cutting VPN access

    • You're assuming that the people left in that office can manage the basics ... Childs himself didn't seem to think so. That's why he locked them out.
  • by religious freak (1005821) on Friday July 25, 2008 @07:15PM (#24343229)
    I've got to say voyeuristically looking at other people's passwords can be pretty entertaining sometimes. I know I've had a few passwords I wouldn't care to have other people know.
  • by xenophrak (457095) on Friday July 25, 2008 @07:16PM (#24343233)

    This is unfortunately par for our fine DA. Kamala Harris has proven herself to be an incompetent tool more often that I'd like to hear.

    She has angered many San Franciscans by refusing to prosecute violent criminals, and lately, found to have been lax towards the city's worst crime of the year...the murder of a father and his two sons in the Mission by a suspected illegal alien due to the city's stupid sanctuary law.

    She should be dragged out, tarred, whipped and ejected from the city, never to return.

  • by Nutria (679911) on Friday July 25, 2008 @07:18PM (#24343261)

    that has more sense than San Francisco: Louisiana!

    • Re: (Score:3, Funny)

      by rossz (67331)

      Ouch! That was a cruel comparison.

      I'm not saying you are incorrect.

      I live about 30 minutes outside of San Francisco. What's frightening about The City is the people who live there assume everyone who criticizes them are ignorant hillbillies.

  • The DA both PROVED they where wrong in locking him up, AND completely and utterly ruined their case.....all i can say is WOW.
    • The DA both PROVED they where wrong in locking him up, AND completely and utterly ruined their case

      Isn't proving they were wrong in locking him up the same thing as ruining their case?

  • One way hash passwords have been around FOREVER. I can't believe how stupid this is.

    • Read TFA... I think they were the VPN Group passwords, i.e. the PSK for the IPSec connection. They still would have to auth after they connected.

      Strange they would have a different password per user, unless they were hardware VPN clients.

      • Re:NEVERMIND! (Score:5, Interesting)

        by rahvin112 (446269) on Friday July 25, 2008 @07:52PM (#24343689)

        It's government. To think like government in implementing something like VPN you have to conceive a solution that involves the user not having to do anything (other than maybe push a button) and this includes anything other than a standard login box. Second you have to implement this in a way that the user themselves can go home and implement this solution without any site help from anyone and zero technical knowledge. (you don't send an IT person to a State Employees home, that's asking from some kind of lawsuit). Fourth the solution must be as expensive as possible, support some local business (preferable if the business owner is connected politically with one of the local leaders) and require very few extra hours from the already overworked staff.

        What does that result in? Hardware VPN boxes plugged into the network router, with the users computer plugged directly into the VPN box. Costs a lot, requires pre-configuration of the box but should require no site visits, idiots can usually successfully plug in boxes with phone support only and any reconfiguration likey requires the box to be brought back into the office as the VPN keys on the boxes are likely hard coded into a configuration on the VPN device. Likely a turn key solution so you have a hefty support contract and the vendor would likely assist with deployment and any reconfiguration resulting in a nice contract fee for reprogramming all the boxes.

        My guess is some VPN box provider is going to be doing a service call on every box and netting themselves some nice profit under their support agreement.

  • by Ungrounded Lightning (62228) on Friday July 25, 2008 @07:22PM (#24343329) Journal

    According TFA, the thing about his not saving the configs to flash is a CLAIM by the city, not something confirmed by Childs.

    So how do they KNOW that, if they don't have the passwords? Did they try rebooting some network boxes and have them not come up? (If so, how is it that the net is still running...)

    This is looking more and more like a pointy-haired-boss SNAFU than logic-bomb job-insurance/revenge sabotage.

  • are belong to us. Or something like that. its only slightly funny to me any more. A Simpsons reference is always more appropriate.

  • by FST (766202)
    My account details are on there. I hope no one breaks my account or
  • Wooo Hoo!!! Cashed.. or uhm cached credentials.. I can see crackers using their patterns for decryption schemes. Also, who knows if these passwords are used elsewhere.

  • by colinmcnamara (1152427) on Friday July 25, 2008 @07:49PM (#24343653) Homepage

    From the referenced article - "The passwords are so-called "phase one" passwords, and must be combined with a second password to access the network, the source said. " 99% chance they are using some form of Cisco device as their VPN concentrator (most like a VPN3030, ASA or 7200 series router). If they are these passwords (one per group) are in what is called a pcf file in every employees computer that is allowed to connect. Heck, if you use a Cisco vpn it is on your computer in the following location - C:\Program Files\Cisco Systems\VPN Client\Profiles . The group pass is encrypted with weak encryption that is commonly cracked to allow linux laptops to connect using vpnc. You can do it on the web here - http://www.unix-ag.uni-kl.de/~massar/bin/cisco-decode [uni-kl.de]

    The thing is, this group password's primary use is to segregate users into different buckets. E.G contractors may have on password, with different authentication methods, while permanent employees are in a different bucket, with their own authentication methods. The key thing, is that once this first password is provided, the end user still has to provide a unique username and password to gain access. So in effect, having the group password alone is meaningless.

    On top of that, I frankly would not be surprised or peeved if a network engineer had possession of PCF files for the network he is responsible for. What is next? Is the DA going to try to prosecute him for having diagrams and configs of the network he is managing on his laptop?

  • Information wants to be freeeeeeee like dirt and hippies and gay pride parades!!!!

  • by Zakabog (603757) <`moc.guamj' `ta' `nhoj'> on Friday July 25, 2008 @07:52PM (#24343687)
    Does anyone realize that the passwords would have never been given to the DA's office if it wasn't for his actions? The passwords would then not be part of public record. Do you think the person at the IT office would have made the list of passwords public if Childs left gracefully?

    Someone at the the DA's office is the incompetent person in this case, but that does not validate his locking out of everyone competent enough to take care of the system (the people that would have replaced him at the IT department.)
  • No one will ever hire this guy for an IT position again!

    Of course thats because he will retire to a nice tropical island when he gets his settlement from the city!

  • by swschrad (312009) on Friday July 25, 2008 @09:29PM (#24344493) Homepage Journal

    that's the only technology anybody in the city with a title is capable of directing.

  • by mkcmkc (197982) on Friday July 25, 2008 @09:53PM (#24344669)

    to help the City of San Francisco look stupid.

  • by Legion303 (97901) on Saturday July 26, 2008 @03:08AM (#24346241) Homepage

    "Your honor, my client did not feel comfortable giving sensitive system passwords to idiots. I'd like to enter prosecution's boneheaded public filing as Exhibit A."

Are you having fun yet?

Working...